Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Help remove Linkey and Obrana bundle package infection
Message
<blockquote data-quote="ohnovirus" data-source="post: 331132" data-attributes="member: 32962"><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015</p><p>Ran by Tae Youn at 2015-01-10 01:32:22</p><p>Running from C:\Users\Tae Youn\Downloads</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden</p><p>Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0 - Adobe Systems Incorporated)</p><p>Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)</p><p>AMD Catalyst Install Manager (HKLM\...\{14718008-7D73-53AA-D0FF-88E805958D42}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)</p><p>AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)</p><p>Anki (HKLM-x32\...\Anki) (Version: - )</p><p>Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)</p><p>Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)</p><p>Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)</p><p>Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden</p><p>BitTorrent (HKU\S-1-5-21-575280890-2764862635-724835175-1001\...\BitTorrent) (Version: 7.9.2.36804 - BitTorrent Inc.)</p><p>BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden</p><p>C4700 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden</p><p>D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden</p><p>Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden</p><p>DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden</p><p>Dropbox (HKU\S-1-5-21-575280890-2764862635-724835175-1001\...\Dropbox) (Version: 2.10.46 - Dropbox, Inc.)</p><p>ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)</p><p>FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden</p><p>FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)</p><p>Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden</p><p>Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)</p><p>Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden</p><p>GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden</p><p>HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)</p><p>HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)</p><p>HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)</p><p>HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{28981D56-C55A-4972-998F-823590FD43A2}) (Version: 14.0 - HP)</p><p>HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)</p><p>HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)</p><p>HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden</p><p>HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden</p><p>HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden</p><p>MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)</p><p>Microsoft SkyDrive (HKU\S-1-5-21-575280890-2764862635-724835175-1001\...\SkyDriveSetup.exe) (Version: 16.4.6010.0727 - Microsoft Corporation)</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)</p><p>Mnemosyne 2.3.1 (HKLM-x32\...\Mnemosyne_is1) (Version: - )</p><p>Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden</p><p>Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)</p><p>Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden</p><p>Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)</p><p>Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)</p><p>Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden</p><p>Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.5.38.0 - Symantec Corporation)</p><p>Norton Security Dashboard (HKLM-x32\...\NortonSD) (Version: 1.1.1.9 - Symantec Corporation)</p><p>Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)</p><p>Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden</p><p>PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )</p><p>Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden</p><p>PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)</p><p>Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden</p><p>PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden</p><p>QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden</p><p>Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6743 - Realtek Semiconductor Corp.)</p><p>Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)</p><p>REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)</p><p>REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden</p><p>Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)</p><p>Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden</p><p>Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)</p><p>SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden</p><p>Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden</p><p>Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated)</p><p>Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden</p><p>Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)</p><p>TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)</p><p>TOSHIBA Audio Enhancement (HKLM\...\{F2DE0088-CF05-4DAB-AC4D-9D2C4D657456}) (Version: 1.0.2.8 - TOSHIBA Corporation)</p><p>Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)</p><p>TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)</p><p>TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)</p><p>TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)</p><p>TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.2.0000 - Toshiba Corporation)</p><p>TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.8 - TOSHIBA Corporation)</p><p>TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)</p><p>TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)</p><p>TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)</p><p>TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)</p><p>TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)</p><p>TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)</p><p>TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)</p><p>TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)</p><p>TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)</p><p>TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden</p><p>Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden</p><p>Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden</p><p>Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden</p><p>WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden</p><p>WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)</p><p>WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden</p><p>Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)</p><p>Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden</p><p></p><p>==================== Custom CLSID (selected items): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tae Youn\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tae Youn\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tae Youn\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tae Youn\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\FileSyncApi64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p></p><p>==================== Restore Points =========================</p><p></p><p>19-12-2014 08:46:29 Windows Update</p><p>28-12-2014 23:14:46 Scheduled Checkpoint</p><p>06-01-2015 08:58:29 Scheduled Checkpoint</p><p>08-01-2015 09:02:58 Installed Adblock Plus for IE (32-bit and 64-bit)</p><p>09-01-2015 15:30:26 Restore Operation</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)</p><p></p><p>Task: {253C1BD1-B60B-4F28-A302-22ED6B0631D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-14] (Google Inc.)</p><p>Task: {3739C601-EC5E-42F0-B77B-AF426AF81B5B} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)</p><p>Task: {5ED23A88-62E5-4B5D-8064-097E197D2A60} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)</p><p>Task: {61FEA8B5-17DA-4069-9BDA-40098B216A87} - \LaunchSignup No Task File <==== ATTENTION</p><p>Task: {62BBCC69-C4E3-4CF7-B82E-B3C83BA94790} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)</p><p>Task: {63A257F1-7111-4EEF-80AA-468378003C3E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)</p><p>Task: {72867436-1958-4995-AC72-587C08C02EE1} - System32\Tasks\{B84B7E9E-7B5C-4009-9384-3E55CAB8D2F1} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION</p><p>Task: {83805A5B-E3B3-4595-B60A-4524898903E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation)</p><p>Task: {A01C60F6-5EEE-485C-B209-B55D0E606B67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-14] (Google Inc.)</p><p>Task: {D11AF9DC-8164-4613-9FC8-B5D5A3CCC57E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-20] (Synaptics Incorporated)</p><p>Task: {EE102A93-6073-45DA-AF8E-22C3CDBA8971} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-08] (AVAST Software)</p><p>Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p></p><p>==================== Loaded Modules (whitelisted) =============</p><p></p><p>2015-01-08 04:11 - 2015-01-07 10:27 - 04316160 ___SH () C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscines.exe</p><p>2014-11-08 01:12 - 2014-11-08 01:12 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll</p><p>2014-11-08 01:12 - 2014-11-08 01:12 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll</p><p>2015-01-08 04:11 - 2015-01-08 04:11 - 00154112 ____R () C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscinesHelper.exe</p><p>2012-07-18 17:38 - 2012-07-18 17:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll</p><p>2014-10-03 00:08 - 2014-10-03 00:08 - 01435136 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe</p><p>2014-11-08 01:12 - 2014-11-08 01:12 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll</p><p>2015-01-10 01:19 - 2015-01-10 01:19 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011000\algo.dll</p><p>2015-01-08 04:11 - 2015-01-07 10:27 - 00117262 ___SH () C:\Program Files (x86)\MpkingAcpoiscines\libgcc_s_dw2-1.dll</p><p>2015-01-08 04:11 - 2015-01-07 10:27 - 00970766 ___SH () C:\Program Files (x86)\MpkingAcpoiscines\libstdc++-6.dll</p><p>2014-11-08 01:12 - 2014-11-08 01:12 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll</p><p>2014-12-30 21:10 - 2015-01-09 23:59 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll</p><p></p><p>==================== Alternate Data Streams (whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p></p><p>==================== EXE Association (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)</p><p></p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p></p><p>========================= Accounts: ==========================</p><p></p><p>Administrator (S-1-5-21-575280890-2764862635-724835175-500 - Administrator - Disabled)</p><p>Guest (S-1-5-21-575280890-2764862635-724835175-501 - Limited - Disabled)</p><p>HomeGroupUser$ (S-1-5-21-575280890-2764862635-724835175-1003 - Limited - Enabled)</p><p>Tae Youn (S-1-5-21-575280890-2764862635-724835175-1001 - Administrator - Enabled) => C:\Users\Tae Youn</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p>Name: Photosmart C4700 series</p><p>Description: Photosmart C4700 series</p><p>Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}</p><p>Manufacturer: HP</p><p>Service:</p><p>Problem: : This device is disabled. (Code 22)</p><p>Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.</p><p></p><p>Name: avast! SecureLine TAP Adapter v3</p><p>Description: avast! SecureLine TAP Adapter v3</p><p>Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}</p><p>Manufacturer: TAP-Windows Provider V9</p><p>Service: aswTap</p><p>Problem: : This device is disabled. (Code 22)</p><p>Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.</p><p></p><p>Name: Photosmart C4700 series</p><p>Description: Photosmart C4700 series</p><p>Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}</p><p>Manufacturer: HP</p><p>Service: StillCam</p><p>Problem: : This device is disabled. (Code 22)</p><p>Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (01/10/2015 01:21:26 AM) (Source: Toshiba App Place) (EventID: 0) (User: )</p><p>Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.</p><p>Parameter name: dueTime</p><p>Stack Trace:</p><p> at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)</p><p> at System.Timers.Timer.set_Enabled(Boolean value)</p><p> at SnappCloud.ActivationReminder.AraClient.PostInit()</p><p> at SnappCloud.ActivationReminder.Program.Main(String[] args)</p><p></p><p>Error: (01/09/2015 11:44:44 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: DaS_21.exe, version: 2.1.0.4, time stamp: 0x540c90b2</p><p>Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e</p><p>Exception code: 0xe0434352</p><p>Fault offset: 0x000000000000606c</p><p>Faulting process id: 0x1170</p><p>Faulting application start time: 0xDaS_21.exe0</p><p>Faulting application path: DaS_21.exe1</p><p>Faulting module path: DaS_21.exe2</p><p>Report Id: DaS_21.exe3</p><p>Faulting package full name: DaS_21.exe4</p><p>Faulting package-relative application ID: DaS_21.exe5</p><p></p><p>Error: (01/09/2015 11:44:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )</p><p>Description: Application: DaS_21.exe</p><p>Framework Version: v4.0.30319</p><p>Description: The process was terminated due to an unhandled exception.</p><p>Exception Info: System.ArgumentOutOfRangeException</p><p>Stack:</p><p> at System.String.Substring(Int32, Int32)</p><p> at DriverAndServicesOut.GetProcess.GetPathName(System.String)</p><p> at DriverAndServicesOut.GetProcess.GetAllServices(System.String)</p><p> at DriverAndServicesOut.Program.Main(System.String[])</p><p></p><p>Error: (01/09/2015 10:04:55 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program firefox.exe version 35.0.0.5476 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: 1570</p><p></p><p>Start Time: 01d02c9aec15e945</p><p></p><p>Termination Time: 130</p><p></p><p>Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p></p><p>Report Id: 96ef30f1-988e-11e4-bee2-008cfa428d18</p><p></p><p>Faulting package full name:</p><p></p><p>Faulting package-relative application ID:</p><p></p><p>Error: (01/09/2015 10:00:44 PM) (Source: Toshiba App Place) (EventID: 0) (User: )</p><p>Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.</p><p>Parameter name: dueTime</p><p>Stack Trace:</p><p> at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)</p><p> at System.Timers.Timer.set_Enabled(Boolean value)</p><p> at SnappCloud.ActivationReminder.AraClient.PostInit()</p><p> at SnappCloud.ActivationReminder.Program.Main(String[] args)</p><p></p><p>Error: (01/09/2015 04:00:00 PM) (Source: ESENT) (EventID: 455) (User: )</p><p>Description: svchost (1692) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU01EB6.log.</p><p></p><p>Error: (01/09/2015 03:51:59 PM) (Source: Toshiba App Place) (EventID: 0) (User: )</p><p>Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.</p><p>Parameter name: dueTime</p><p>Stack Trace:</p><p> at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)</p><p> at System.Timers.Timer.set_Enabled(Boolean value)</p><p> at SnappCloud.ActivationReminder.AraClient.PostInit()</p><p> at SnappCloud.ActivationReminder.Program.Main(String[] args)</p><p></p><p>Error: (01/09/2015 03:51:29 PM) (Source: System Restore) (EventID: 8210) (User: )</p><p>Description: An unspecified error occurred during System Restore: (Installed Adblock Plus for IE (32-bit and 64-bit)). Additional information: 0x80070005.</p><p></p><p>Error: (01/09/2015 03:16:02 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: rundll32.exe_winethc.dll, version: 6.3.9600.16384, time stamp: 0x5215f00d</p><p>Faulting module name: USER32.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22</p><p>Exception code: 0xc0000142</p><p>Fault offset: 0x00000000000ec0b4</p><p>Faulting process id: 0x3134</p><p>Faulting application start time: 0xrundll32.exe_winethc.dll0</p><p>Faulting application path: rundll32.exe_winethc.dll1</p><p>Faulting module path: rundll32.exe_winethc.dll2</p><p>Report Id: rundll32.exe_winethc.dll3</p><p>Faulting package full name: rundll32.exe_winethc.dll4</p><p>Faulting package-relative application ID: rundll32.exe_winethc.dll5</p><p></p><p>Error: (01/09/2015 03:02:58 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: avastui.exe, version: 10.0.2208.726, time stamp: 0x547764ec</p><p>Faulting module name: avastui.exe, version: 10.0.2208.726, time stamp: 0x547764ec</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0019fcf0</p><p>Faulting process id: 0x23d4</p><p>Faulting application start time: 0xavastui.exe0</p><p>Faulting application path: avastui.exe1</p><p>Faulting module path: avastui.exe2</p><p>Report Id: avastui.exe3</p><p>Faulting package full name: avastui.exe4</p><p>Faulting package-relative application ID: avastui.exe5</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (01/10/2015 01:20:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )</p><p>Description: The MpkingAcpoiscines service hung on starting.</p><p></p><p>Error: (01/10/2015 01:19:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:</p><p>%%31</p><p></p><p>Error: (01/10/2015 01:19:06 AM) (Source: APXACC) (EventID: 1003) (User: )</p><p>Description: The NDIS6 LWF initialization has failed. (0xC0000001)</p><p></p><p>Error: (01/10/2015 00:36:19 AM) (Source: Service Control Manager) (EventID: 7030) (User: )</p><p>Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.</p><p></p><p>Error: (01/10/2015 00:36:19 AM) (Source: Service Control Manager) (EventID: 7030) (User: )</p><p>Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.</p><p></p><p>Error: (01/10/2015 00:36:18 AM) (Source: Service Control Manager) (EventID: 7030) (User: )</p><p>Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.</p><p></p><p>Error: (01/10/2015 00:36:17 AM) (Source: Service Control Manager) (EventID: 7030) (User: )</p><p>Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.</p><p></p><p>Error: (01/10/2015 00:36:17 AM) (Source: Service Control Manager) (EventID: 7030) (User: )</p><p>Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.</p><p></p><p>Error: (01/09/2015 09:59:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )</p><p>Description: The MpkingAcpoiscines service hung on starting.</p><p></p><p>Error: (01/09/2015 09:58:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:</p><p>%%31</p><p></p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>Error: (01/10/2015 01:21:26 AM) (Source: Toshiba App Place) (EventID: 0) (User: )</p><p>Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.</p><p>Parameter name: dueTime</p><p>Stack Trace:</p><p> at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)</p><p> at System.Timers.Timer.set_Enabled(Boolean value)</p><p> at SnappCloud.ActivationReminder.AraClient.PostInit()</p><p> at SnappCloud.ActivationReminder.Program.Main(String[] args)</p><p></p><p>Error: (01/09/2015 11:44:44 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: DaS_21.exe2.1.0.4540c90b2KERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c117001d02ca9484e2cd2C:\Users\TAEYOU~1\AppData\Local\Temp\DaS_21.exeC:\WINDOWS\system32\KERNELBASE.dll8a5d46f2-989c-11e4-bee2-008cfa428d18</p><p></p><p>Error: (01/09/2015 11:44:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )</p><p>Description: Application: DaS_21.exe</p><p>Framework Version: v4.0.30319</p><p>Description: The process was terminated due to an unhandled exception.</p><p>Exception Info: System.ArgumentOutOfRangeException</p><p>Stack:</p><p> at System.String.Substring(Int32, Int32)</p><p> at DriverAndServicesOut.GetProcess.GetPathName(System.String)</p><p> at DriverAndServicesOut.GetProcess.GetAllServices(System.String)</p><p> at DriverAndServicesOut.Program.Main(System.String[])</p><p></p><p>Error: (01/09/2015 10:04:55 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: firefox.exe35.0.0.5476157001d02c9aec15e945130C:\Program Files (x86)\Mozilla Firefox\firefox.exe96ef30f1-988e-11e4-bee2-008cfa428d18</p><p></p><p>Error: (01/09/2015 10:00:44 PM) (Source: Toshiba App Place) (EventID: 0) (User: )</p><p>Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.</p><p>Parameter name: dueTime</p><p>Stack Trace:</p><p> at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)</p><p> at System.Timers.Timer.set_Enabled(Boolean value)</p><p> at SnappCloud.ActivationReminder.AraClient.PostInit()</p><p> at SnappCloud.ActivationReminder.Program.Main(String[] args)</p><p></p><p>Error: (01/09/2015 04:00:00 PM) (Source: ESENT) (EventID: 455) (User: )</p><p>Description: svchost1692SRUJet: C:\WINDOWS\system32\SRU\SRU01EB6.log-1811 (0xfffff8ed)</p><p></p><p>Error: (01/09/2015 03:51:59 PM) (Source: Toshiba App Place) (EventID: 0) (User: )</p><p>Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.</p><p>Parameter name: dueTime</p><p>Stack Trace:</p><p> at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)</p><p> at System.Timers.Timer.set_Enabled(Boolean value)</p><p> at SnappCloud.ActivationReminder.AraClient.PostInit()</p><p> at SnappCloud.ActivationReminder.Program.Main(String[] args)</p><p></p><p>Error: (01/09/2015 03:51:29 PM) (Source: System Restore) (EventID: 8210) (User: )</p><p>Description: Installed Adblock Plus for IE (32-bit and 64-bit)0x80070005</p><p></p><p>Error: (01/09/2015 03:16:02 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: rundll32.exe_winethc.dll6.3.9600.163845215f00dUSER32.dll6.3.9600.1727853eebd22c000014200000000000ec0b4313401d02c623b98c35bC:\WINDOWS\System32\rundll32.exeUSER32.dll79d92145-9855-11e4-bee0-008cfa428d18</p><p></p><p>Error: (01/09/2015 03:02:58 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: avastui.exe10.0.2208.726547764ecavastui.exe10.0.2208.726547764ecc00000050019fcf023d401d02c6044ea2f38C:\Program Files\AVAST Software\Avast\avastui.exeC:\Program Files\AVAST Software\Avast\avastui.exea6c03dc6-9853-11e4-bee0-008cfa428d18</p><p></p><p></p><p>==================== Memory info ===========================</p><p></p><p>Processor: AMD A6-4400M APU with Radeon(tm) HD Graphics</p><p>Percentage of memory in use: 50%</p><p>Total physical RAM: 3550.26 MB</p><p>Available physical RAM: 1757.3 MB</p><p>Total Pagefile: 5534.26 MB</p><p>Available Pagefile: 3102.45 MB</p><p>Total Virtual: 131072 MB</p><p>Available Virtual: 131071.85 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (TI10657600C) (Fixed) (Total:453.76 GB) (Free:412.16 GB) NTFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)</p><p></p><p>Partition: GPT Partition Type.</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="ohnovirus, post: 331132, member: 32962"] Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015 Ran by Tae Youn at 2015-01-10 01:32:22 Running from C:\Users\Tae Youn\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{14718008-7D73-53AA-D0FF-88E805958D42}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks) Anki (HKLM-x32\...\Anki) (Version: - ) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden BitTorrent (HKU\S-1-5-21-575280890-2764862635-724835175-1001\...\BitTorrent) (Version: 7.9.2.36804 - BitTorrent Inc.) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden C4700 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-575280890-2764862635-724835175-1001\...\Dropbox) (Version: 2.10.46 - Dropbox, Inc.) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{28981D56-C55A-4972-998F-823590FD43A2}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-575280890-2764862635-724835175-1001\...\SkyDriveSetup.exe) (Version: 16.4.6010.0727 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Mnemosyne 2.3.1 (HKLM-x32\...\Mnemosyne_is1) (Version: - ) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.5.38.0 - Symantec Corporation) Norton Security Dashboard (HKLM-x32\...\NortonSD) (Version: 1.1.1.9 - Symantec Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.) Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6743 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.) REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba) TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA) TOSHIBA Audio Enhancement (HKLM\...\{F2DE0088-CF05-4DAB-AC4D-9D2C4D657456}) (Version: 1.0.2.8 - TOSHIBA Corporation) Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.) TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation) TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.2.0000 - Toshiba Corporation) TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.8 - TOSHIBA Corporation) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation) TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation) TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation) TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation) TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA) TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA) TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tae Youn\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tae Youn\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tae Youn\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tae Youn\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-575280890-2764862635-724835175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tae Youn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 19-12-2014 08:46:29 Windows Update 28-12-2014 23:14:46 Scheduled Checkpoint 06-01-2015 08:58:29 Scheduled Checkpoint 08-01-2015 09:02:58 Installed Adblock Plus for IE (32-bit and 64-bit) 09-01-2015 15:30:26 Restore Operation ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {253C1BD1-B60B-4F28-A302-22ED6B0631D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-14] (Google Inc.) Task: {3739C601-EC5E-42F0-B77B-AF426AF81B5B} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {5ED23A88-62E5-4B5D-8064-097E197D2A60} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {61FEA8B5-17DA-4069-9BDA-40098B216A87} - \LaunchSignup No Task File <==== ATTENTION Task: {62BBCC69-C4E3-4CF7-B82E-B3C83BA94790} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation) Task: {63A257F1-7111-4EEF-80AA-468378003C3E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {72867436-1958-4995-AC72-587C08C02EE1} - System32\Tasks\{B84B7E9E-7B5C-4009-9384-3E55CAB8D2F1} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION Task: {83805A5B-E3B3-4595-B60A-4524898903E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation) Task: {A01C60F6-5EEE-485C-B209-B55D0E606B67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-14] (Google Inc.) Task: {D11AF9DC-8164-4613-9FC8-B5D5A3CCC57E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-20] (Synaptics Incorporated) Task: {EE102A93-6073-45DA-AF8E-22C3CDBA8971} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-08] (AVAST Software) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2015-01-08 04:11 - 2015-01-07 10:27 - 04316160 ___SH () C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscines.exe 2014-11-08 01:12 - 2014-11-08 01:12 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-11-08 01:12 - 2014-11-08 01:12 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2015-01-08 04:11 - 2015-01-08 04:11 - 00154112 ____R () C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscinesHelper.exe 2012-07-18 17:38 - 2012-07-18 17:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll 2014-10-03 00:08 - 2014-10-03 00:08 - 01435136 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe 2014-11-08 01:12 - 2014-11-08 01:12 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2015-01-10 01:19 - 2015-01-10 01:19 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011000\algo.dll 2015-01-08 04:11 - 2015-01-07 10:27 - 00117262 ___SH () C:\Program Files (x86)\MpkingAcpoiscines\libgcc_s_dw2-1.dll 2015-01-08 04:11 - 2015-01-07 10:27 - 00970766 ___SH () C:\Program Files (x86)\MpkingAcpoiscines\libstdc++-6.dll 2014-11-08 01:12 - 2014-11-08 01:12 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-12-30 21:10 - 2015-01-09 23:59 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-575280890-2764862635-724835175-500 - Administrator - Disabled) Guest (S-1-5-21-575280890-2764862635-724835175-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-575280890-2764862635-724835175-1003 - Limited - Enabled) Tae Youn (S-1-5-21-575280890-2764862635-724835175-1001 - Administrator - Enabled) => C:\Users\Tae Youn ==================== Faulty Device Manager Devices ============= Name: Photosmart C4700 series Description: Photosmart C4700 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: avast! SecureLine TAP Adapter v3 Description: avast! SecureLine TAP Adapter v3 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: aswTap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart C4700 series Description: Photosmart C4700 series Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (01/10/2015 01:21:26 AM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1. Parameter name: dueTime Stack Trace: at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) at System.Timers.Timer.set_Enabled(Boolean value) at SnappCloud.ActivationReminder.AraClient.PostInit() at SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/09/2015 11:44:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: DaS_21.exe, version: 2.1.0.4, time stamp: 0x540c90b2 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e Exception code: 0xe0434352 Fault offset: 0x000000000000606c Faulting process id: 0x1170 Faulting application start time: 0xDaS_21.exe0 Faulting application path: DaS_21.exe1 Faulting module path: DaS_21.exe2 Report Id: DaS_21.exe3 Faulting package full name: DaS_21.exe4 Faulting package-relative application ID: DaS_21.exe5 Error: (01/09/2015 11:44:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: DaS_21.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.ArgumentOutOfRangeException Stack: at System.String.Substring(Int32, Int32) at DriverAndServicesOut.GetProcess.GetPathName(System.String) at DriverAndServicesOut.GetProcess.GetAllServices(System.String) at DriverAndServicesOut.Program.Main(System.String[]) Error: (01/09/2015 10:04:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program firefox.exe version 35.0.0.5476 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1570 Start Time: 01d02c9aec15e945 Termination Time: 130 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: 96ef30f1-988e-11e4-bee2-008cfa428d18 Faulting package full name: Faulting package-relative application ID: Error: (01/09/2015 10:00:44 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1. Parameter name: dueTime Stack Trace: at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) at System.Timers.Timer.set_Enabled(Boolean value) at SnappCloud.ActivationReminder.AraClient.PostInit() at SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/09/2015 04:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1692) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU01EB6.log. Error: (01/09/2015 03:51:59 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1. Parameter name: dueTime Stack Trace: at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) at System.Timers.Timer.set_Enabled(Boolean value) at SnappCloud.ActivationReminder.AraClient.PostInit() at SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/09/2015 03:51:29 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: An unspecified error occurred during System Restore: (Installed Adblock Plus for IE (32-bit and 64-bit)). Additional information: 0x80070005. Error: (01/09/2015 03:16:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: rundll32.exe_winethc.dll, version: 6.3.9600.16384, time stamp: 0x5215f00d Faulting module name: USER32.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22 Exception code: 0xc0000142 Fault offset: 0x00000000000ec0b4 Faulting process id: 0x3134 Faulting application start time: 0xrundll32.exe_winethc.dll0 Faulting application path: rundll32.exe_winethc.dll1 Faulting module path: rundll32.exe_winethc.dll2 Report Id: rundll32.exe_winethc.dll3 Faulting package full name: rundll32.exe_winethc.dll4 Faulting package-relative application ID: rundll32.exe_winethc.dll5 Error: (01/09/2015 03:02:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: avastui.exe, version: 10.0.2208.726, time stamp: 0x547764ec Faulting module name: avastui.exe, version: 10.0.2208.726, time stamp: 0x547764ec Exception code: 0xc0000005 Fault offset: 0x0019fcf0 Faulting process id: 0x23d4 Faulting application start time: 0xavastui.exe0 Faulting application path: avastui.exe1 Faulting module path: avastui.exe2 Report Id: avastui.exe3 Faulting package full name: avastui.exe4 Faulting package-relative application ID: avastui.exe5 System errors: ============= Error: (01/10/2015 01:20:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The MpkingAcpoiscines service hung on starting. Error: (01/10/2015 01:19:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: %%31 Error: (01/10/2015 01:19:06 AM) (Source: APXACC) (EventID: 1003) (User: ) Description: The NDIS6 LWF initialization has failed. (0xC0000001) Error: (01/10/2015 00:36:19 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (01/10/2015 00:36:19 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (01/10/2015 00:36:18 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (01/10/2015 00:36:17 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (01/10/2015 00:36:17 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (01/09/2015 09:59:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The MpkingAcpoiscines service hung on starting. Error: (01/09/2015 09:58:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: %%31 Microsoft Office Sessions: ========================= Error: (01/10/2015 01:21:26 AM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1. Parameter name: dueTime Stack Trace: at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) at System.Timers.Timer.set_Enabled(Boolean value) at SnappCloud.ActivationReminder.AraClient.PostInit() at SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/09/2015 11:44:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: DaS_21.exe2.1.0.4540c90b2KERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c117001d02ca9484e2cd2C:\Users\TAEYOU~1\AppData\Local\Temp\DaS_21.exeC:\WINDOWS\system32\KERNELBASE.dll8a5d46f2-989c-11e4-bee2-008cfa428d18 Error: (01/09/2015 11:44:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: DaS_21.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.ArgumentOutOfRangeException Stack: at System.String.Substring(Int32, Int32) at DriverAndServicesOut.GetProcess.GetPathName(System.String) at DriverAndServicesOut.GetProcess.GetAllServices(System.String) at DriverAndServicesOut.Program.Main(System.String[]) Error: (01/09/2015 10:04:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe35.0.0.5476157001d02c9aec15e945130C:\Program Files (x86)\Mozilla Firefox\firefox.exe96ef30f1-988e-11e4-bee2-008cfa428d18 Error: (01/09/2015 10:00:44 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1. Parameter name: dueTime Stack Trace: at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) at System.Timers.Timer.set_Enabled(Boolean value) at SnappCloud.ActivationReminder.AraClient.PostInit() at SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/09/2015 04:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost1692SRUJet: C:\WINDOWS\system32\SRU\SRU01EB6.log-1811 (0xfffff8ed) Error: (01/09/2015 03:51:59 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1. Parameter name: dueTime Stack Trace: at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) at System.Timers.Timer.set_Enabled(Boolean value) at SnappCloud.ActivationReminder.AraClient.PostInit() at SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/09/2015 03:51:29 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Installed Adblock Plus for IE (32-bit and 64-bit)0x80070005 Error: (01/09/2015 03:16:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rundll32.exe_winethc.dll6.3.9600.163845215f00dUSER32.dll6.3.9600.1727853eebd22c000014200000000000ec0b4313401d02c623b98c35bC:\WINDOWS\System32\rundll32.exeUSER32.dll79d92145-9855-11e4-bee0-008cfa428d18 Error: (01/09/2015 03:02:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: avastui.exe10.0.2208.726547764ecavastui.exe10.0.2208.726547764ecc00000050019fcf023d401d02c6044ea2f38C:\Program Files\AVAST Software\Avast\avastui.exeC:\Program Files\AVAST Software\Avast\avastui.exea6c03dc6-9853-11e4-bee0-008cfa428d18 ==================== Memory info =========================== Processor: AMD A6-4400M APU with Radeon(tm) HD Graphics Percentage of memory in use: 50% Total physical RAM: 3550.26 MB Available physical RAM: 1757.3 MB Total Pagefile: 5534.26 MB Available Pagefile: 3102.45 MB Total Virtual: 131072 MB Available Virtual: 131071.85 MB ==================== Drives ================================ Drive c: (TI10657600C) (Fixed) (Total:453.76 GB) (Free:412.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top